ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Data Engineer All Questions

View all questions & answers for the Professional Data Engineer exam
Go to Exam

Exam Professional Data Engineer topic 1 question 64 discussion

Actual exam question from Google's Professional Data Engineer
Question #: 64
Topic #: 1
[All Professional Data Engineer Questions]

You are integrating one of your internal IT applications and Google BigQuery, so users can query BigQuery from the application's interface. You do not want individual users to authenticate to BigQuery and you do not want to give them access to the dataset. You need to securely access BigQuery from your IT application. What should you do?

  • A. Create groups for your users and give those groups access to the dataset
  • B. Integrate with a single sign-on (SSO) platform, and pass each user's credentials along with the query request
  • C. Create a service account and grant dataset access to that account. Use the service account's private key to access the dataset
  • D. Create a dummy user and grant dataset access to that user. Store the username and password for that user in a file on the files system, and use those credentials to access the BigQuery dataset
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by [deleted] at March 21, 2020, 3:26 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
samdhimal
1 year ago
C. Create a service account and grant dataset access to that account. Use the service account's private key to access the dataset. Creating a service account and granting dataset access to that account is the most secure way to access BigQuery from an IT application. Service accounts are designed for use in automated systems and do not require user interaction, eliminating the need for individual users to authenticate to BigQuery. Additionally, by using the private key of the service account to access the dataset, you can ensure that the authentication process is secure and that only authorized users have access to the data.
upvoted 4 times
samdhimal
1 year ago
Option A: Create groups for your users and give those groups access to the dataset, is not the best option because it still requires users to authenticate to BigQuery Option B: Integrate with a single sign-on (SSO) platform, and pass each user's credentials along with the query request is not the best option because it still requires users to authenticate to BigQuery. Option D: Create a dummy user and grant dataset access to that user. Store the username and password for that user in a file on the files system, and use those credentials to access the BigQuery dataset is not a secure option because it involves storing sensitive information in a file on the file system, which can be easily accessed by unauthorized users.
upvoted 4 times
...
...
DGames
1 year, 2 months ago
Selected Answer: C
Service account approach is secure in GCP to communicate with between service or application
upvoted 1 times
...
NicolasN
1 year, 3 months ago
Selected Answer: C
[C] The reason in https://cloud.google.com/bigquery/docs/data-governance#identity "Users of BigQuery might be humans, but they might also be nonhuman applications that communicate using a BigQuery client library or the REST API. These applications should identify themselves using a service account, the special type of Google identity intended to represent a nonhuman user."
upvoted 1 times
...
Tanzu
2 years ago
Selected Answer: C
such kind of questions are always service account oriented. and sa can be used as a user ..not just for machine2machine users may or may not enter their credentials app login window. that's not main point by the way
upvoted 2 times
...
rcruz
2 years ago
Selected Answer: C
Correct: C
upvoted 2 times
...
anji007
2 years, 4 months ago
Ans: C
upvoted 2 times
...
daghayeghi
2 years, 11 months ago
C: It says "do not want individual users to authenticate to BigQuery and you do not want to give them access to the dataset", then C is the best choice.
upvoted 3 times
...
ave4000
3 years, 3 months ago
Granting access to the app through a service account would mean all of the users that access the app have access to the BQ. Question was to filter it out, so I believe each user would have to be added to a group that does or doesn't have access to the dataset.
upvoted 4 times
squishy_fishy
2 years, 4 months ago
The answer is C. When access data through application, Google recommendation is using service account.
upvoted 1 times
...
kavs
3 years, 3 months ago
Yes A seems to be right
upvoted 4 times
kavs
3 years, 3 months ago
It says individually don't want to authorise service account could be right too
upvoted 3 times
...
...
...
Ankush_j
3 years, 4 months ago
Ans is C, Service account is best for secure data
upvoted 3 times
...
haroldbenites
3 years, 5 months ago
C is correct
upvoted 3 times
...
Rajuuu
3 years, 7 months ago
Correct C.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel